Skip to main content
CVE-2023-0999 HIGH POC This Week

A vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Sales Tracker Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-0997 HIGH POC This Week

A vulnerability was found in SourceCodester Moosikay E-Commerce System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Moosikay E Commerce System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-26102 HIGH POC This Week

All versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Prototype Pollution Rangy
NVD GitHub
CVSS 3.1
8.2
EPSS
0.8%
CVE-2023-1007 HIGH POC This Week

A vulnerability was found in Twister Antivirus 8.17. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Twister Antivirus
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-1005 HIGH POC This Week

A vulnerability was found in JP1016 Markdown-Electron and classified as critical. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Markdown Electron
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-1004 HIGH POC This Week

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Microsoft Marktext
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-0994 HIGH POC PATCH This Week

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Rosariosis
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-0996 HIGH PATCH This Week

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libheif
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-25956 HIGH PATCH This Week

Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider.2.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Apache Airflow Providers Amazon
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-25692 HIGH PATCH This Week

Improper Input Validation vulnerability in the Apache Airflow Google Provider.10.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Google Apache Airflow Providers Google
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy